Red Hat Security Advisory 2020-1852-01 - The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file.
2d80137633d314ee426cbb60738dbb714b12e2a48956ae50eb34bc05ea204a28
Gentoo Linux Security Advisory 201908-22 - Multiple vulnerabilities have been found in Patch, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.6-r4 are affected.
6f447b44bb4214475ce239876d771d1fa9336181e808c8f24d80e42adab348e3
GNU patch suffers from command injection and various other vulnerabilities when handling specially crafted patch files.
46e27d51accb7a7405dd3c34e724a12c052ab52ecfe5b3acffb883ba165d5e6b
Debian Linux Security Advisory 4489-1 - Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed.
629bdd444567253abe16946a2abbf219c2b6e287a64661215bc9b20cf3983ebc
Ubuntu Security Notice 4071-2 - USN-4071-1 fixed several vulnerabilities in Patch. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.
0b7c4a198db51cde30cce47cc6a0ae95e2c18bd207868b3dc0dab1fbed99adb0
Ubuntu Security Notice 4071-1 - It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
bb6be6ae6ab1c6d02ca25c70421ee7d9fb0267f22a1d62dae05ce539135a8dc1